Tandem
/
certspotter
mirror of https://github.com/SSLMate/certspotter.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add some additional logging

This commit is contained in:
Andrew Ayer 2017-01-06 10:31:34 -08:00
parent 0c751f0294
commit 8ea4003994
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
cmd/common.go
View File

@ -133,6 +133,7 @@ func makeLogHandle(logInfo *certspotter.LogInfo) (*logHandle, error) {
return nil, fmt.Errorf("Error loading legacy STH: %s", err) return nil, fmt.Errorf("Error loading legacy STH: %s", err)
} }
if legacySTH != nil { if legacySTH != nil {
log.Printf("Initializing log state from legacy state directory")
ctlog.position, err = ctlog.scanner.MakeMerkleTreeBuilder(legacySTH) ctlog.position, err = ctlog.scanner.MakeMerkleTreeBuilder(legacySTH)
if err != nil { if err != nil {
return nil, fmt.Errorf("Error reconstructing Merkle Tree for legacy STH: %s", err) return nil, fmt.Errorf("Error reconstructing Merkle Tree for legacy STH: %s", err)
@ -151,11 +152,17 @@ func makeLogHandle(logInfo *certspotter.LogInfo) (*logHandle, error) {
} }
func (ctlog *logHandle) refresh () error { func (ctlog *logHandle) refresh () error {
if *verbose {
log.Printf("Retrieving latest STH from log")
}
latestSTH, err := ctlog.scanner.GetSTH() latestSTH, err := ctlog.scanner.GetSTH()
if err != nil { if err != nil {
return fmt.Errorf("Error retrieving STH from log: %s", err) return fmt.Errorf("Error retrieving STH from log: %s", err)
} }
if ctlog.verifiedSTH == nil { if ctlog.verifiedSTH == nil {
if *verbose {
log.Printf("No existing STH is known; presuming latest STH (%d) is valid", latestSTH.TreeSize)
}
ctlog.verifiedSTH = latestSTH ctlog.verifiedSTH = latestSTH
if err := ctlog.state.StoreVerifiedSTH(ctlog.verifiedSTH); err != nil { if err := ctlog.state.StoreVerifiedSTH(ctlog.verifiedSTH); err != nil {
return fmt.Errorf("Error storing verified STH: %s", err) return fmt.Errorf("Error storing verified STH: %s", err)
@ -175,6 +182,9 @@ func (ctlog *logHandle) audit () error {
} }
for _, sth := range sths { for _, sth := range sths {
if *verbose {
log.Printf("Verifying consistency between STH %d (%x) and STH %d (%x)", sth.TreeSize, sth.SHA256RootHash, ctlog.verifiedSTH.TreeSize, ctlog.verifiedSTH.SHA256RootHash)
}
if sth.TreeSize > ctlog.verifiedSTH.TreeSize { if sth.TreeSize > ctlog.verifiedSTH.TreeSize {
isValid, err := ctlog.scanner.CheckConsistency(ctlog.verifiedSTH, sth) isValid, err := ctlog.scanner.CheckConsistency(ctlog.verifiedSTH, sth)
if err != nil { if err != nil {
@ -183,6 +193,9 @@ func (ctlog *logHandle) audit () error {
if !isValid { if !isValid {
return fmt.Errorf("Log has misbehaved: STH in '%s' is not consistent with STH in '%s'", ctlog.state.VerifiedSTHFilename(), ctlog.state.UnverifiedSTHFilename(sth)) return fmt.Errorf("Log has misbehaved: STH in '%s' is not consistent with STH in '%s'", ctlog.state.VerifiedSTHFilename(), ctlog.state.UnverifiedSTHFilename(sth))
} }
if *verbose {
log.Printf("STH %d (%x) is now the latest verified STH", sth.TreeSize, sth.SHA256RootHash)
}
ctlog.verifiedSTH = sth ctlog.verifiedSTH = sth
if err := ctlog.state.StoreVerifiedSTH(ctlog.verifiedSTH); err != nil { if err := ctlog.state.StoreVerifiedSTH(ctlog.verifiedSTH); err != nil {
return fmt.Errorf("Error storing verified STH: %s", err) return fmt.Errorf("Error storing verified STH: %s", err)

2
cmd/state.go
View File

@ -14,6 +14,7 @@ import (
"encoding/base64" "encoding/base64"
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"log"
"io/ioutil" "io/ioutil"
"os" "os"
"path/filepath" "path/filepath"
@ -90,6 +91,7 @@ func OpenState (statePath string) (*State, error) {
return nil, fmt.Errorf("Error creating state directory: %s", err) return nil, fmt.Errorf("Error creating state directory: %s", err)
} }
if version == 0 { if version == 0 {
log.Printf("Migrating state directory (%s) to new layout...", statePath)
if err := os.Rename(filepath.Join(statePath, "sths"), filepath.Join(statePath, "legacy_sths")); err != nil { if err := os.Rename(filepath.Join(statePath, "sths"), filepath.Join(statePath, "legacy_sths")); err != nil {
return nil, fmt.Errorf("Error migrating STHs directory: %s", err) return nil, fmt.Errorf("Error migrating STHs directory: %s", err)
} }